Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          zRpDLaKxrJIYXhHHTugYWrkpQnDKjUStpvqmEAgE8aA=
Subject key identifier:   8E:91:55:D1:E4:58:C7:C3:53:DE:99:29:FA:CD:52:63:5C:88:A8:B1
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       0191F9349C1648505D903B15DBBB17E5E58B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          CB
Signing time:             Mon 16 Sep 2024 05:01:00 +0000
Manifest this update:     Mon 16 Sep 2024 05:01:00 +0000
Manifest next update:     Tue 17 Sep 2024 05:01:00 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: 7fbb8KHWKXEAF9hH40SsZeb3ZbXNHuSzh1/OZ8OBt6o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 05:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:34:9c:16:48:50:5d:90:3b:15:db:bb:17:e5:e5:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Sep 16 05:01:00 2024 GMT
            Not After : Sep 17 05:01:00 2024 GMT
        Subject: CN=8e9155d1e458c7c353de9929facd52635c88a8b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:cc:b3:8f:8e:71:3a:3f:b4:d9:df:6f:36:a4:
                    11:08:d5:55:ab:94:cd:41:b5:e4:d9:37:3b:95:2a:
                    19:79:45:39:35:48:21:da:5f:94:3c:da:1d:28:7d:
                    5a:10:aa:51:b1:c0:7b:6c:b5:19:b5:70:b8:f2:7a:
                    6b:8d:c6:4d:4b:23:e6:62:8d:47:f0:ab:d6:f8:76:
                    cb:c9:f2:3e:7d:eb:03:f4:e1:1a:74:06:6f:26:e1:
                    db:8b:d8:0c:64:73:97:e5:99:76:09:64:3a:79:43:
                    f0:70:c3:93:7a:aa:6e:13:24:45:cc:0c:6a:fb:51:
                    bd:5b:db:96:39:30:92:b3:b4:03:2b:33:04:85:cc:
                    47:74:c7:bb:19:15:22:0c:81:7d:5a:7b:2a:b8:23:
                    8c:9e:37:c0:e0:57:a1:d8:f7:42:74:26:0d:5a:8e:
                    ac:7c:02:4a:a7:ab:10:5e:03:73:a7:22:06:6e:33:
                    1f:c2:2b:c5:e6:23:00:d4:f2:3b:1a:0d:83:f2:a4:
                    96:39:d9:d8:c5:e9:17:c9:d5:5d:af:7c:d3:df:75:
                    2b:9e:f9:0a:03:b5:13:c8:af:f2:69:08:50:56:0a:
                    0b:08:db:bb:ef:9f:e3:5c:be:0e:7f:33:61:d8:2a:
                    ca:28:46:88:cd:63:ed:2b:85:65:1d:f1:45:21:b3:
                    ca:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:91:55:D1:E4:58:C7:C3:53:DE:99:29:FA:CD:52:63:5C:88:A8:B1
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:b8:e9:92:7a:15:95:f2:64:a7:90:0b:10:c7:46:d9:67:fb:
         2c:87:e9:2c:e3:66:34:41:ad:33:ff:c2:1f:45:9d:c5:6a:57:
         83:77:34:01:e7:56:0c:96:84:a5:22:0e:7b:8b:a0:f1:42:5c:
         a6:84:fd:e1:97:ba:b6:49:99:81:48:7d:b8:af:cb:24:af:f8:
         0b:6a:79:ba:77:c5:d0:cb:e6:bb:02:f2:90:4e:2a:d5:bb:59:
         2b:0d:20:a5:62:52:65:8e:56:be:ef:e8:c4:72:70:97:2c:ce:
         6f:4b:bf:19:41:52:73:54:b7:3c:da:74:50:04:46:54:53:5e:
         b0:00:77:cd:b6:e0:58:22:a5:c6:3e:d7:49:79:2a:87:64:51:
         74:c4:51:b2:17:1e:05:79:17:21:7f:c7:87:92:07:b1:59:8b:
         ae:86:a8:24:a8:d3:19:c7:64:ef:db:e9:92:63:f8:a5:70:c7:
         1c:c2:be:33:46:84:3e:4f:04:bd:12:b4:0c:07:72:7f:16:c6:
         a0:73:be:1f:b0:7f:7e:7a:96:a5:9d:32:07:61:cd:16:89:ef:
         cc:c5:47:42:42:bb:9d:29:6a:4d:68:f9:a8:89:da:cb:0d:65:
         59:e9:91:94:29:7b:77:89:fa:5d:88:24:a3:13:7c:69:6a:03:
         89:1f:01:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH5NJwWSFBdkDsV27sX5eWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjQwOTE2MDUwMTAwWhcNMjQwOTE3MDUwMTAwWjAzMTEwLwYDVQQD
Eyg4ZTkxNTVkMWU0NThjN2MzNTNkZTk5MjlmYWNkNTI2MzVjODhhOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsyzj45xOj+02d9vNqQRCNVVq5TN
QbXk2Tc7lSoZeUU5NUgh2l+UPNodKH1aEKpRscB7bLUZtXC48nprjcZNSyPmYo1H
8KvW+HbLyfI+fesD9OEadAZvJuHbi9gMZHOX5Zl2CWQ6eUPwcMOTeqpuEyRFzAxq
+1G9W9uWOTCSs7QDKzMEhcxHdMe7GRUiDIF9WnsquCOMnjfA4Feh2PdCdCYNWo6s
fAJKp6sQXgNzpyIGbjMfwivF5iMA1PI7Gg2D8qSWOdnYxekXydVdr3zT33UrnvkK
A7UTyK/yaQhQVgoLCNu775/jXL4OfzNh2CrKKEaIzWPtK4VlHfFFIbPKzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6RVdHkWMfDU96ZKfrNUmNciKixMB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhrjpknoV
lfJkp5ALEMdG2Wf7LIfpLONmNEGtM//CH0WdxWpXg3c0AedWDJaEpSIOe4ug8UJc
poT94Ze6tkmZgUh9uK/LJK/4C2p5unfF0MvmuwLykE4q1btZKw0gpWJSZY5Wvu/o
xHJwlyzOb0u/GUFSc1S3PNp0UARGVFNesAB3zbbgWCKlxj7XSXkqh2RRdMRRshce
BXkXIX/Hh5IHsVmLroaoJKjTGcdk79vpkmP4pXDHHMK+M0aEPk8EvRK0DAdyfxbG
oHO+H7B/fnqWpZ0yB2HNFonvzMVHQkK7nSlqTWj5qInayw1lWemRlCl7d4n6XYgk
oxN8aWoDiR8Bcw==
-----END CERTIFICATE-----